Log - Arch Linux


AVG-2637 edited at 17 Apr 2022 09:16:50
Status
- Vulnerable
+ Fixed
Fixed
+ 82.0.4227.43-1
Advisory qualified
- Yes
+ No
Notes
Opera version 82.0.4227.33 is based on Chromium version 96.0.4664.93 according to the reference.
+ Opera version 82.0.4227.43 is based on Chromium version 96.0.4664.110.
CVE-2022-28356 edited at 15 Apr 2022 21:19:38
Remote
- Unknown
+ Local
Type
- Unknown
+ Arbitrary code execution
Notes
+ local and arbitrary code execution are assumed from the context
AVG-2674 edited at 15 Apr 2022 21:02:42
References
- https://github.com/archlinux/linux/commit/615d069dcf1207462ce30c05a2f47d461be8f6c8
- https://github.com/anthraxx/linux-hardened/commits/master/net/llc/af_llc.c
- https://github.com/archlinux/linux/commits/master/net/llc/af_llc.c
Notes
+ does not apply as it was introduced in 5.17
AVG-2675 edited at 15 Apr 2022 21:01:34
Status
- Unknown
+ Not affected
Fixed
+ 5.17.1-1
Advisory qualified
- Yes
+ No
Notes
- havent figured out if this applies
+ does not apply as it was introduced in 5.17
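Review bot: In this AVG-2675 edit, Status is set to "Not affected" while Fixed is set to 5.17.1-1, and the two fields read as contradictory. If the package never shipped an affected version, as the new note "does not apply as it was introduced in 5.17" says, consider leaving Fixed empty. Otherwise, extend the note to say what the 5.17.1-1 value refers to, so the entry cannot be read as "was vulnerable, then fixed".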
CVE-2022-28356 edited at 15 Apr 2022 20:58:36
Description
- In the Linux kernel before 5.17.1, a refcount leak bug was found in net/llc/af_llc.c
+ In the Linux kernel 5.17 before 5.17.1, a refcount leak bug was found in net/llc/af_llc.c, if it finds an ARPHRD_ETHER type net device, it will hold the device's refcount, but doesn't release the device if it fails to find a usable sap later. If llc_ui_bind() is called on a socket multiple times and provided with a used sllc_sap each time, the device's refcount will be increased unexpectedly, and the device cannot be removed then. An attacker can leverage this flaw to trigger an integer overflow on the device's refcount and eventually lead to a use-after-free bug. The function llc_ui_autobind() has the same issue.
References
+ https://www.openwall.com/lists/oss-security/2022/04/06/1
+ https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.17
+ https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.17.1
+ https://github.com/torvalds/linux/commit/615d069dcf1207462ce30c05a2f47d461be8f6c8
https://github.com/torvalds/linux/commit/764f4eb6846f5475f1244767d24d25dd86528a4a
https://github.com/torvalds/linux/commit/2d327a79ee176930dc72c131a970c891d367c1dc
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.17.1
- https://www.openwall.com/lists/oss-security/2022/04/06/1
AVG-2674 edited at 15 Apr 2022 20:00:41
Status
- Unknown
+ Not affected
Advisory qualified
- Yes
+ No
References
+ https://github.com/archlinux/linux/commit/615d069dcf1207462ce30c05a2f47d461be8f6c8
+ https://github.com/anthraxx/linux-hardened/commits/master/net/llc/af_llc.c
+ https://github.com/archlinux/linux/commits/master/net/llc/af_llc.c
Notes
- havent figured out if this applies
CVE-2022-28356 edited at 15 Apr 2022 18:51:05
References
https://github.com/torvalds/linux/commit/764f4eb6846f5475f1244767d24d25dd86528a4a
+ https://github.com/torvalds/linux/commit/2d327a79ee176930dc72c131a970c891d367c1dc
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.17.1
https://www.openwall.com/lists/oss-security/2022/04/06/1
AVG-2664 edited at 15 Apr 2022 15:53:40
Advisory qualified
- Yes
+ No
AVG-2092 edited at 15 Apr 2022 15:53:20
Advisory qualified
- Yes
+ No
AVG-2312 edited at 15 Apr 2022 15:53:06
Advisory qualified
- Yes
+ No